Denial Of Service (DoS)

github.com/etcd-io/etcd is vulnerable to Denial of Service DoS attacks.. The vulnerability exists because the PageWriter.write function does not properly handle large requests, which an attacker to exploit this vulnerability by sending a specially crafted request that is larger than the expected...

Denial Of Service (DoS)

github.com/etcd-io/etcd is vulnerable to denial of service. The vulnerability exists in multiple functions of discovery.go because the negative values can be passed as the cluster size which results in an index out-of-bound causing an application crash during service discovery...

Missing Authentication

github.com/etcd-io/etcd does not perform TLS authentication. When starting a gateway for endpoints provided in the --endpoints flag, it does not handle the endpoints validation...

Denial Of Service (DoS)

github.com/etcd-io/etcd is vulnerable to denial of service. An attacker is able to cause a panic in the decodeRecord method and a denial of service condition in a RAFT participant when decoding the WAL by forging a large frame size...

Weak Authentication

github.com/etcd-io/etcd is vulnerable to privilege escalation. The vulnerability exists as it uses Common Name CN in the etcd client server TLS certificate to authenticate user with any valid certificate to the gRPC-gateway...